Portable non-volatile memory devices such as USB Flash Drives (UFD) provide a convenient medium for the storage of user files and for the transfer of these files between different computers.
Different approaches exist for enabling users to prevent unauthorized access of user files stored on portable memory devices, in the event that the device is misplaced or stolen. For example, it is possible to encrypt content stored on some UFD devices from a host device or computer to which the UFD is physically coupled. The encrypted content is accessible only upon authentication with a password. In order to alter a security status of a user file stored on the portable memory device, the user must physically couple the memory device to a computer or other host device and authenticate himself in some way, typically by entering a password.
The most common solutions in use today are:
1) Protecting access to the portable memory device as a whole. The portable memory device does not allow any use, and no file on the device can be accessed in any way unless the user is first authenticated.
2) Protecting access to all files in the device. Even though the device allows some interaction with the user (i.e. listing names of files), no file on the device can be opened for reading or for writing unless the user is first authenticated.
3) Protecting only selected files in the device. Some files are protected and some are not. The authentication may be different for each file. This situation is common when the user creates the files using a software application with built-in encryption capabilities, such as Microsoft Excel or Microsoft Word. Often, the user decides separately for each file whether it should be protected and, if so, which password will be used for authentication.
4) Hiding some portion of the storage space from the users' view, unless the user is first authenticated. Such an approach can be seen in U.S. patent application Ser. No. 10/304,772 entitled “Apparatus and Method For Securing Data On a Portable Storage Device,” filed on Nov. 27, 2002 by Ziv et al., and incorporated by reference herein in its entirety.
Unfortunately, should a user without immediate access to a computer or other host device desire to alter a security status of a user file stored on the portable memory device, the aforementioned solutions are insufficient. For example, if the owner of the portable memory device desires to give the device to another person for copying only a certain file, the owner is at risk that the second person will, without permission, also copy additional files residing on the device. If the portable memory device supports selective security settings per file, the owner can prevent this by setting the security status of the file to be copied to “unprotected” while designating all other files as “protected”. However, this can be done only if the owner has immediate access to a computer, as this is the only way one is able to change security settings according to the solutions described above.
Even for cases where an owner does have immediate access to a computer, many users consider the process of coupling the device with the computer to present a mild inconvenience, and would certainly prefer a solution which does not require a physical coupling of the device. There is an apparent need for portable memory devices that provide a mechanism for selectively changing the security status of individual and/or groups of user files without requiring a physical coupling of the portable memory device with a host device.
One additional problem that exists for some of the existing solutions is that even though a file is encrypted and cannot be opened, it is still possible to copy it. Thus, an unauthorized person wishing to access sensitive information stored in a protected file residing on a particular device may copy this protected file to a host computer, and then apply sophisticated tools available on this host computer to break the protection of the file.